8fb52656abb708a5c2a64bdd5da968cf35673939170fe594f8971f9de559c8d9

Sharing

Copy URL Twitter E-mail

General

Target

8fb52656abb708a5c2a64bdd5da968cf35673939170fe594f8971f9de559c8d9
Size

143KB
MD5

8037437b8b8ad07539e66e7e73437d30
SHA1

4e69d1f2a7401b53dd92413d5ce050f71bfa1945
SHA256

8fb52656abb708a5c2a64bdd5da968cf35673939170fe594f8971f9de559c8d9
SHA512

a579f4311031c50e502e547129c079191a320398c4f6772c26a003131c8787170378b159fbdd54afce94a3298f3ba917abd7f5831293c5fbd7d1e85b61a6d395
SSDEEP

3072:YxmHymSZCl7XLtjFORmofFaVrQQoQyfr5NULAhoNqIMq85hkQlQI3N1cv3tr1:YYLl7XhjBOoL54I78TkQWs12/

Score

N/A

Malware Config

Signatures

Files

8fb52656abb708a5c2a64bdd5da968cf35673939170fe594f8971f9de559c8d9
.dll windows x86

bf705b177748f67c0f1f98e370398c43

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
GetStringTypeW
GetStringTypeA
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetStdHandle
WriteFile
ExitProcess
Sleep
GetModuleHandleW
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapDestroy
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCommandLineA
HeapAlloc
HeapFree
GetLastError
GetPrivateProfileStringA
GetPrivateProfileIntA
GetVersion
IsValidCodePage
GetTimeFormatW
GetLocaleInfoW
GetDateFormatA
GetTimeFormatA
GetLocaleInfoA
GetDateFormatW
GlobalUnlock
GetTimeZoneInformation
GlobalAlloc
GetTickCount
GlobalLock
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
FileTimeToSystemTime
SystemTimeToFileTime
GetLocalTime
GetUserDefaultLangID
_lopen
_lread
_lclose
GetOEMCP
_llseek

user32

CharNextA
CloseClipboard
SetFocus
EmptyClipboard
DefWindowProcA
OpenClipboard
SetClipboardData
DestroyWindow
CreateWindowExA
IsWindowVisible
GetMessageTime
GetMessagePos
ClientToScreen
GetClassNameA
GetMenuItemID
GetDesktopWindow
GetMenuItemCount
FindWindowA
GetWindow
EndPaint
DrawIconEx
BeginPaint
PtInRect
InflateRect
SetRect
SetWindowPos
GetCursorPos
GetSystemMetrics
LoadImageA
CallWindowProcA
DestroyIcon
DrawFrameControl
CopyRect
SetTimer
KillTimer
SetWindowLongA
SetClassLongA
CallNextHookEx
FindWindowExA
SetWindowsHookExA
IsWindow
UnhookWindowsHookEx
GetWindowThreadProcessId
ScreenToClient
FillRect
GetFocus
GetClientRect
DrawFocusRect
InvalidateRect
PostMessageA
GetWindowRect
GetParent
SendMessageA
GetClassLongW
GetWindowLongW
GetWindowLongA
GetClassLongA
GetDC
ReleaseDC
GetSysColor

gdi32

GetTextMetricsA
SetTextAlign
TextOutW
GetStockObject
CreateSolidBrush
BitBlt
DeleteDC
DeleteObject
SetBkMode
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
CreateDIBitmap
EnumFontFamiliesExA
GetDeviceCaps
DPtoLP
CreateFontIndirectA
SetTextColor
TextOutA
GetTextExtentPoint32W
CreatePen
LineTo
GetTextExtentPoint32A
MoveToEx
GetClipBox
SetBkColor
SelectObject
GetTextCharset
GetCurrentObject

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

shell32

ExtractIconExA
DragAcceptFiles

Exports

Exports

GetTClockVersion
HookEnd
HookStart

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MYDATA
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bf705b177748f67c0f1f98e370398c43

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 5KB - Virtual size: 13KB

MYDATA Size: 512B - Virtual size: 12B

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 7KB - Virtual size: 7KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 5KB - Virtual size: 13KB

MYDATA
Size: 512B - Virtual size: 12B

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 7KB - Virtual size: 7KB

.rmnet
Size: 56KB - Virtual size: 60KB